filtergen is a tool for generating packet filtering rules from a fairly high-level description language into platform specific filter rules, e.g. iptables, ipfilter, and (partially) Cisco IOS.
Not many large software products are written entirely in assembly language these days; it’s not difficult, but it does take longer to implement and bugfix, and is not portable to other systems. It’s also harder for others to understand, maintain, and fix.
Similarly, it seems odd that people continue to write packet filters in the equivalent of assembler – hence this package: the intent is that filtergen will be to iptables and shell what a C compiler is to assembly.
filtergen is a continuation of the code that began life as http://hairy.beasts.org/filter by Matthew Kirkwood.
filtergen is free software, licensed under the GNU General Public License.
The latest released version of filtergen can be downloaded from here.
The latest version of the source code is kept in bazaar:
bzr get http://repo.spacepants.org/filtergen/mainline>
Send any patches or suggestions to Jamie Wilkinson